from rest_framework import permissions

class IsOwnerReadonly(permissions.BasePermission):

    def has_object_permission(self, request, view, obj):
        """
        所有request都有读权限，因此一律允许GET/HEAD/OPTIONS
        :param request:
        :param view:
        :param obj:
        :return:
        """
        # if request.method in ('GET', 'HEAD', 'OPTIONS'):
        if request.method in permissions.SAFE_METHODS:
            return True
        return obj.teacher == request.user
